2023-08-09 00:00:00
mitre
PUBLISHED
A SQL injection vulnerability in CSZCMS 1.3.0 allows remote attackers to run arbitrary SQL commands via p parameter or the search URL.